Travelers Face Greater Use of Personal Data

The United States and the European Union have agreed to expand a security program that shares personal data about millions of U.S.-bound airline passengers a year, potentially including information about a person's race, ethnicity, religion and health.

Under the agreement, airlines flying from Europe to the United States are required to provide data related to these matters to U.S. authorities if it exists in their reservation systems. The deal allows Washington to retain and use it only "where the life of a data subject or of others could be imperiled or seriously impaired," such as in a counterterrorism investigation.

According to the deal, the information that can be used in such exceptional circumstances includes "racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership" and data about an individual's health, traveling partners and sexual orientation.

Airlines do not usually gather such data, but officials say it could wind up in passenger files as a result of requests for special services such as wheelchairs, or through routine questioning by airline personnel and travel agents about contacts, lodging, next of kin and traveling companions. Even a request for a king-size bed at a hotel could be noted in the database.

The data now stored includes names, addresses and credit card information as well as telephone and e-mail contacts, itineraries, and hotel and rental car reservations.

The deal, signed yesterday by the United States and approved Monday in Europe, provoked alarm from privacy and civil-liberties groups on both sides of the Atlantic. "What Americans should be concerned about is it is now here in black and white: The government will maintain a database of all travelers -- including travelers of U.S. citizenship, including people who are believed to be no risk or threat . . . the government will maintain that and data-mine it," said Jim Dempsey, policy director for the Center for Democracy and Technology, a Washington-based advocacy group.

Peter Hustinx, the E.U.'s privacy supervisor, expressed "grave concern" over the plan, which he said is "without legal precedent." He wrote to E.U. officials on June 27, "I have serious doubts whether the outcome of these negotiations will be fully compatible with European fundamental rights."

U.S. Homeland Security Secretary Michael Chertoff praised the pact as an "essential screening tool for detecting potentially dangerous transatlantic travelers." If available at the time of the Sept. 11, 2001, attacks, Chertoff said, such information would have, "within a matter of moments, helped to identify many of the 19 hijackers by linking their methods of payment, phone numbers and seat assignments."

U.S. customs officials began collecting Passenger Name Record data in 1992 for inbound international flights and enforced the requirement after the 2001 attacks. The government now stores data on nearly all 87 million passengers who arrive in the country by air each year, most of them from Europe, in a master border security database, Homeland Security officials said.

The government combines such information with terrorist watch lists, other databases and sophisticated computer algorithms to detect high-risk travelers, in ways that watchdog groups say it has not adequately explained.

The agreement announced yesterday extends and expands a 2004 arrangement between the United States and the European Union. That pact was struck down on a technicality in May by Europe's highest court, which gave both sides until July 31 to negotiate a new deal. The United States had threatened to turn back flights otherwise.

Paul Rosenzweig, Homeland Security's deputy assistant secretary for policy, said sensitive information that is subject to extensive restrictions in Europe, such as data on religious beliefs and sex partners, is routinely filtered out by U.S. computer systems. To his knowledge, he said, the U.S. government has never invoked its authority to use such information.